Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Exécuté par Yvon (administrateur) sur PC-YVON (Intel Corporation Jasper Lake Client Platform) (23-06-2024 14:42:45)
Exécuté depuis C:\Users\Yvon\Desktop\FRST64.exe
Profils chargés: Yvon
Plate-forme: Microsoft Windows 11 Professionnel Version 23H2 22631.3737 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\RocketDock\RocketDock.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxEMN.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\Ditto\Ditto.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\RocketDock\RocketDock.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files\UltiMaker Cura 5.6.0\UltiMaker-Cura.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.12008.0_x64__8wekyb3d8bbwe\Photos.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2405.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Simnet Bilgisayar Yazılım Hiz. San. ve Tic. Ltd. Şti. -> Simnet Ltd.) C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
(explorer.exe ->) (Tyrrrz) [Fichier non signé] C:\Program Files (x86)\LightBulb\LightBulb.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_47d3698a1c94c55a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d8bdffa26077ee9a\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
Impossible d'accéder au processus -> vmmemCmZygote
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 1
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 1
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [LightBulb] => C:\Program Files (x86)\LightBulb\LightBulb.exe [147456 2024-06-07] (Tyrrrz) [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [Ditto] => C:\Program Files (x86)\Ditto\Ditto.exe [4604928 2023-04-15] () [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe [850048 2024-03-24] (Simnet Bilgisayar Yazılım Hiz. San. ve Tic. Ltd. Şti. -> Simnet Ltd.)
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [MicrosoftEdgeAutoLaunch_1597D6168F201E1468D5C31BFFA62235] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-06-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [526848 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP3600 series: CNMLM99.DLL (Pas de fichier)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\WINDOWS\system32\CNMLMFQ.DLL [956928 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [292592 2023-12-27] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.114\Installer\chrmstp.exe [2024-06-21] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2673FC81-8901-414F-B794-7284DBD595EC} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {53964B93-CFE0-4CFC-A77B-7694025531AB} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {6EA6A613-D690-4F5E-B369-576B69930727} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {B71955AC-3993-43F0-BF22-BBFBE66C6C94} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5F50C659-A728-4C86-B04F-88452C2AD022} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{03DBDC47-29FE-4385-8F02-FCF26C5EE4F4} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {CD588E78-DAA9-4908-A83B-B1B2B063B02B} - System32\Tasks\GoogleSystem\GoogleUpdater\UIAutomsg => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\AlertCamera\SjnforSiruct\C:\ProgramData\AlertCamera\SjnforSiruct\AcGlRUpd4Szfn.dll /u
Task: {A7F8327B-0BF7-4C53-967F-9D04DC591B91} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BB96594-A8B7-4EB8-BAB5-D60B8BF59B5C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6AB8554-FD92-4BCA-A71A-29BB1A7D9600} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {79F021F7-34C4-4AC9-B634-8381D6A31CA1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A390375D-C341-4D4B-B284-34FA5D43C72A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F80E7CA6-E910-4A74-A907-A3898E4CD4CE} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-24] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {78431258-D667-4F93-A8C8-491FC30838EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B5A447B-54F9-4B9D-AB9E-C111ED5A20FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {076C1A15-3DE1-4315-93E9-37D7F8239262} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B248F3ED-851E-42D2-BF60-E4FF862AD56A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34888 2024-06-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {05466B87-CC6D-47C9-A849-E3656841A5A8} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {324B5D33-1E1E-495D-BCD1-1C6048AFB58F} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {77AED174-436B-41F5-92FA-F18DF3B6534A} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{201201ff-df6f-4581-8b8c-f119ba8bf0a9}: [DhcpNameServer] 192.168.248.2
Tcpip\..\Interfaces\{c67dead8-989d-4ad1-bbe5-429414edc9e5}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{fe84ebbe-fd7a-423e-bc70-1b4b22672e00}: [NameServer] 1.1.1.2,1.0.0.2
Tcpip\..\Interfaces\{fe84ebbe-fd7a-423e-bc70-1b4b22672e00}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]
FireFox:
========
FF DefaultProfile: yvuc2nvc.default
FF ProfilePath: C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\yvuc2nvc.default [2024-06-23]
FF ProfilePath: C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 [2024-06-23]
FF DownloadDir: C:\Users\Yvon\Desktop
FF Notifications: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> hxxps://fr1.forgeofempires.com; hxxps://calendar.proton.me
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Disabled: michal.simonfy@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: uBlock0@raymondhill.net
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: @contain-amzn
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: @contain-facebook
FF Extension: (Proton Pass: Free Password Manager) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\78272b6fa58f4a1abaac99321d503a20@proton.me.xpi [2024-06-01]
FF Extension: (Amazon Container) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@contain-amzn.xpi [2023-10-15]
FF Extension: (Facebook Container) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@contain-facebook.xpi [2023-10-15]
FF Extension: (Emoji Keyboard - Emojis For Firefox) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@emojikeyboard.xpi [2024-04-26]
FF Extension: (SimpleLogin:Receive & Send emails anonymously) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\addon@simplelogin.xpi [2024-05-10]
FF Extension: (EuroSaver - Amazon Product Price Comparison) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\amazineurope@founderedeveloper.com.xpi [2024-06-21]
FF Extension: (Dictionnaire français) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2023-10-15]
FF Extension: (Le Camelizer) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\izer@camelcamelcamel.com.xpi [2023-10-15]
FF Extension: (Notifier for Gmail™) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2024-03-06]
FF Extension: (I don't care about cookies) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-07]
FF Extension: (Privacy Badger) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2024-06-19]
FF Extension: (Language: Français (French)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\langpack-fr@firefox.mozilla.org.xpi [2024-06-19]
FF Extension: (Correcteur d’orthographe — LanguageTool) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\languagetool-webextension@languagetool.org.xpi [2024-06-11]
FF Extension: (Bypass Paywalls Clean (c)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\magnolia_limited_permissions@12.34.xpi [2024-04-01] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-firefox-clean/-/raw/master/updates_custom.json]
FF Extension: (Material Freebox OS) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\material-freebox-os@s-quent.in.xpi [2024-04-26]
FF Extension: (Speed Dial 2 New tab) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\michal.simonfy@gmail.com.xpi [2024-05-24]
FF Extension: (Pas de nom) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\support@shoptimate.com.xpi [2023-12-23]
FF Extension: (GMX.com MailCheck) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\toolbar@gmx.com.xpi [2024-04-18]
FF Extension: (uBlock Origin) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\uBlock0@raymondhill.net.xpi [2024-05-23]
FF Extension: (Zimbra Mail Notifier) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\zimbra_mail_notifier@davidguehennec.com.xpi [2023-10-15]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (FoE - Assistant) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2024-06-19]
FF Extension: (Dealabs | Économisez sur vos achats) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{188e9a6d-0e71-49ad-b1f2-0b78519512e0}.xpi [2024-05-24]
FF Extension: (Blue Mozilla Firefox) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2023-10-15]
FF Extension: (Timer) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{457040a2-afa9-457c-8a13-609c2327023a}.xpi [2024-04-26]
FF Extension: (ChatGPT for Google) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{4b726fbc-aba9-4fa7-97fd-a42c2511ddf7}.xpi [2023-10-15]
FF Extension: (Z-Library Finder) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{4eabbd44-bfa2-4b3d-806a-56804853b16d}.xpi [2023-12-28] [UpdateUrl:hxxps://zlibrary-global.se/soft/mozilla_addon_updates.json]
FF Extension: (ProtonMail (unofficial)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{a7034f44-2fa8-4544-bc40-58c3556f4361}.xpi [2023-10-15]
FF Extension: (Firefox B) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{ac40163c-8804-4dad-90fc-e25ebd6e9a57}.xpi [2023-10-15]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2023-10-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default [2024-06-23]
CHR StartupUrls: Default -> "hxxps://www.qwant.com/","hxxps://zimbra.free.fr/zimbra/mail"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-chrome-sb
CHR DefaultSearchKeyword: Default -> www.qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Mobility Print) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\alhngdkjgnedakdlnamimgfihgkmenbh [2024-05-13]
CHR Extension: (PagesJaunes) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2023-08-23]
CHR Extension: (uBlock Origin) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-13]
CHR Extension: (Smart HTTPS) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmleijjdpceldbelpnpkddofmcmcaknm [2024-05-13]
CHR Extension: (I don't care about cookies) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-28]
CHR Extension: (Iridium for YouTube) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbjmgndncjkjfcnpfhgidhbgokofegbl [2023-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-23]
CHR Extension: (Qwant) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2023-08-23]
CHR Extension: (Emoji Copy Paste) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kakenlcjjabkimffanalanbhoejkbdmf [2023-08-23]
CHR Extension: (Zimbra Mail Notifier) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglapfficgodpkmenjfpfcignofghanc [2023-08-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-23]
CHR Extension: (Bitwarden - Gestion des mots de passe) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-12-28]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2023-12-28]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe [1102320 2023-10-30] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012384 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-09-13] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2023-06-13] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [63776 2023-06-13] (OpenVPN Inc. -> The OpenVPN Project)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2024-05-30] (Microsoft Windows -> Microsoft Corporation)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2023-11-19] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2023-11-19] (AOMEI International Network Limited -> )
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [84640 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218608 2024-05-30] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_jsl.inf_amd64_a5b7c5fa27b1440d\iaLPSS2_GPIO2_JSL.sys [139904 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_jsl.inf_amd64_e880eca46d102096\iaLPSS2_I2C_JSL.sys [201880 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_jsl.inf_amd64_e944e2267994f164\iaLPSS2_SPI_JSL.sys [160392 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_jsl.inf_amd64_b22fda5f91bd75ed\iaLPSS2_UART2_JSL.sys [316576 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [91560 2023-03-31] (WDKTestCert lev,132435948852968539 -> OpenVPN, Inc)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40448 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2024-02-03] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2023-08-17] (WireGuard LLC -> WireGuard LLC)
S3 MpKsl92df1e60; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3C30629-737C-49AE-BEF2-D6DE720C914A}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-23 14:42 - 2024-06-23 14:43 - 000029060 _____ C:\Users\Yvon\Desktop\FRST.txt
2024-06-23 14:42 - 2024-06-23 09:50 - 002395648 _____ (Farbar) C:\Users\Yvon\Desktop\FRST64.exe
2024-06-23 13:18 - 2024-06-23 13:18 - 003015529 _____ C:\Users\Yvon\Desktop\Dos bleu foncé.gcode
2024-06-23 12:05 - 2024-06-23 12:05 - 000294175 _____ C:\Users\Yvon\Desktop\Iris.gcode
2024-06-23 11:44 - 2024-06-23 09:50 - 002395648 _____ (Farbar) C:\Users\Yvon\Downloads\FRST64.exe
2024-06-23 11:20 - 2024-06-23 11:20 - 000771570 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-23 11:20 - 2024-06-23 11:20 - 000148698 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-23 11:19 - 2024-06-23 11:19 - 000061962 _____ C:\Users\Yvon\Documents\Config FoE Helper.zip
2024-06-23 09:32 - 2024-06-23 09:25 - 000416545 _____ C:\Users\Yvon\Desktop\Pièces Stitch.jpeg
2024-06-22 09:48 - 2024-06-23 09:31 - 000000000 ____D C:\Users\Yvon\Desktop\stitch multipart
2024-06-21 20:08 - 2024-06-21 15:16 - 000001282 _____ C:\Users\Yvon\Downloads\ESET Online Scanner.lnk
2024-06-20 09:56 - 2024-06-20 09:56 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-06-20 09:56 - 2024-06-20 09:56 - 000000000 ____D C:\ProgramData\Avast Software
2024-06-20 09:54 - 2024-06-21 15:14 - 000000000 ____D C:\ProgramData\F-Secure
2024-06-20 09:53 - 2024-06-21 20:07 - 000000000 ____D C:\Users\Yvon\AppData\Local\FSDART
2024-06-20 09:53 - 2024-06-20 09:53 - 000000000 ____D C:\Users\Yvon\AppData\Local\F-Secure
2024-06-20 08:58 - 2024-06-19 22:13 - 002591712 _____ (Malwarebytes) C:\Users\Yvon\Downloads\MBSetup.exe
2024-06-19 21:34 - 2024-06-23 14:43 - 000000000 ____D C:\FRST
2024-06-19 21:04 - 2024-06-19 23:00 - 000000000 ____D C:\Program Files\Malwarebytes
2024-06-19 21:00 - 2024-06-19 21:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-19 20:44 - 2024-06-19 21:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-15 16:47 - 2024-06-15 16:47 - 000000000 ____D C:\WINDOWS\Panther
2024-06-15 16:42 - 2024-06-15 16:47 - 000000000 ___HD C:\$WinREAgent
2024-06-11 21:03 - 2024-06-11 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manuel Canon TS6300 series
2024-06-11 21:01 - 2024-06-11 21:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-06-11 21:01 - 2024-06-11 21:01 - 000000000 ____D C:\ProgramData\Canon
2024-06-11 20:51 - 2024-06-11 20:51 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\VS Revo Group
2024-06-11 20:47 - 2024-06-11 20:47 - 000000000 ____D C:\Program Files\Canon
2024-06-09 14:59 - 2024-06-09 15:13 - 000000000 ___HD C:\ProgramData\Eng
2024-06-09 14:30 - 2024-06-21 16:38 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\hfad
2024-06-09 14:30 - 2024-06-09 14:30 - 000000000 ____D C:\Users\Yvon\AppData\Local\Qny_Lx_Valid_alpha_88
2024-06-08 14:13 - 2024-06-08 18:08 - 000000000 ____D C:\Program Files (x86)\G-Lock Software
2024-06-08 11:06 - 2024-06-08 11:06 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\easy_photoprint_editor
2024-06-07 18:23 - 2024-06-07 18:23 - 000001670 _____ C:\Users\Yvon\AppData\Local\recently-used.xbel
2024-06-07 17:46 - 2024-06-07 17:47 - 000000000 ___HD C:\ProgramData\CanonIJScan
2024-06-01 18:01 - 2024-06-01 18:01 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-30 20:53 - 2024-05-30 20:53 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 20:50 - 2024-05-30 20:50 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-26 10:35 - 2024-06-11 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\WaterfoxLimited
2024-05-26 10:35 - 2024-05-26 10:35 - 000001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox Private Browsing.lnk
2024-05-26 10:35 - 2024-05-26 10:35 - 000000000 ____D C:\ProgramData\Waterfox-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-24 09:51 - 2024-05-24 09:51 - 000000000 ____D C:\Program Files\Epic Games
2024-05-24 09:40 - 2024-05-24 09:40 - 000000000 ____D C:\Users\Yvon\AppData\Local\NVIDIA Corporation
2024-05-24 09:37 - 2024-05-24 10:44 - 000000000 ____D C:\Users\Yvon\AppData\Local\EpicGamesLauncher
2024-05-24 09:37 - 2024-05-24 09:37 - 000000000 ____D C:\Users\Yvon\AppData\Local\UnrealEngineLauncher
2024-05-24 09:37 - 2024-05-24 09:37 - 000000000 ____D C:\Users\Yvon\AppData\Local\UnrealEngine
2024-05-24 09:35 - 2024-05-24 11:25 - 000000000 ____D C:\ProgramData\Epic
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-23 13:21 - 2023-10-13 13:51 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Excel
2024-06-23 13:21 - 2023-08-18 13:43 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Word
2024-06-23 13:00 - 2023-08-17 14:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-23 12:59 - 2023-08-17 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-23 12:55 - 2023-08-17 16:24 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-23 11:59 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-23 11:23 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-23 11:20 - 2023-11-19 17:39 - 001713458 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-23 11:20 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-23 11:14 - 2023-08-20 13:56 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Ditto
2024-06-23 11:13 - 2023-11-19 17:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-23 11:13 - 2023-11-19 17:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-23 11:13 - 2023-11-04 09:22 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2024-06-23 11:13 - 2023-08-16 00:56 - 000000000 ____D C:\Intel
2024-06-23 11:13 - 2023-08-16 00:55 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-23 11:13 - 2023-08-15 16:05 - 000000000 __SHD C:\Users\Yvon\IntelGraphicsProfiles
2024-06-23 11:13 - 2023-07-22 17:38 - 000000520 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2024-06-23 11:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-23 11:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Registration
2024-06-23 11:12 - 2022-05-07 07:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-06-23 10:43 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-06-22 22:37 - 2024-03-15 12:47 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\vlc
2024-06-22 16:18 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-22 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-22 12:59 - 2024-01-03 12:22 - 000000000 ____D C:\Users\Yvon\Documents\Simple Sticky Notes
2024-06-22 09:49 - 2023-08-17 10:22 - 000000000 ___RD C:\Users\Yvon\Desktop\Cura
2024-06-22 09:38 - 2023-09-02 10:40 - 000000000 ____D C:\Users\Yvon\AppData\Local\ElevatedDiagnostics
2024-06-22 07:57 - 2023-08-18 00:05 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-21 16:10 - 2023-08-23 15:41 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2024-06-21 15:16 - 2023-08-23 21:20 - 000001388 _____ C:\Users\Yvon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-06-20 11:54 - 2023-11-19 17:35 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-20 09:43 - 2023-08-17 18:15 - 000000000 ____D C:\Users\Yvon\AppData\Local\CrashDumps
2024-06-19 22:59 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-19 21:08 - 2023-11-19 17:20 - 000000000 ____D C:\Users\Yvon
2024-06-19 21:08 - 2023-08-17 14:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-19 21:06 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-19 21:03 - 2023-08-23 16:04 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\ZHP
2024-06-19 21:02 - 2023-09-02 10:15 - 003364512 _____ (Nicolas Coolman) C:\Users\Yvon\ZHPCleaner.exe
2024-06-19 21:00 - 2023-08-17 14:26 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-19 20:54 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-16 11:22 - 2023-11-12 15:53 - 000000000 ____D C:\ProgramData\AomeiBR
2024-06-16 11:22 - 2023-11-04 09:21 - 000001024 ____H C:\SYSTAG.BIN
2024-06-16 09:55 - 2023-08-18 13:36 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-15 17:21 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-15 17:07 - 2023-08-17 14:18 - 000000000 ____D C:\Users\Yvon\AppData\Local\Packages
2024-06-15 17:05 - 2023-11-19 17:35 - 000472368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-15 17:05 - 2023-08-17 14:07 - 000000000 ____D C:\ProgramData\Realtek
2024-06-15 17:04 - 2023-10-01 08:55 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-15 16:52 - 2023-11-19 17:36 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-14 17:32 - 2023-08-26 18:41 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\DeepL_SE
2024-06-12 22:14 - 2023-08-18 13:43 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Office
2024-06-12 12:20 - 2023-08-17 14:20 - 000000000 ____D C:\Users\Yvon\AppData\Local\D3DSCache
2024-06-12 10:41 - 2023-12-23 19:27 - 000000000 ____D C:\Users\Yvon\Downloads\APK
2024-06-11 21:26 - 2023-08-17 17:11 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Canon
2024-06-11 21:25 - 2023-08-17 14:20 - 000000000 ____D C:\Users\Yvon\AppData\Local\PlaceholderTileLogoFolder
2024-06-11 21:25 - 2023-08-17 14:18 - 000000000 ____D C:\ProgramData\Packages
2024-06-11 21:22 - 2023-08-16 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2024-06-11 21:21 - 2023-08-17 16:56 - 000000000 ____D C:\Program Files (x86)\Canon
2024-06-11 21:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Media
2024-06-11 20:52 - 2023-11-19 17:38 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{93419C37-685F-4A8F-B9C3-72752718AA39}
2024-06-11 20:52 - 2023-11-19 17:38 - 000003530 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{1139CD74-DAE0-4A49-A35A-87A1CFB7A2B1}
2024-06-11 09:45 - 2023-08-16 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2024-06-08 18:01 - 2023-11-30 16:07 - 000000000 ____D C:\WINDOWS\Minidump
2024-06-08 10:07 - 2023-08-28 14:13 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-06-08 10:05 - 2024-02-28 12:15 - 000000000 ____D C:\Users\Yvon\AppData\Local\Proton
2024-06-07 18:25 - 2023-08-29 18:45 - 000000000 ____D C:\Users\Yvon\AppData\Local\babl-0.1
2024-06-07 18:23 - 2023-08-29 18:56 - 000000000 ____D C:\Users\Yvon\AppData\Local\gtk-2.0
2024-06-05 17:52 - 2023-08-17 16:55 - 000000000 ___HD C:\Program Files\CanonBJ
2024-06-05 09:36 - 2023-08-17 14:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-04 17:13 - 2023-08-17 18:41 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Autodesk
2024-06-02 17:52 - 2023-08-17 18:46 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Fusion360
2024-06-02 17:51 - 2023-08-17 14:24 - 000000000 ____D C:\Users\Yvon\AppData\Local\Autodesk
2024-05-30 21:37 - 2024-04-15 14:38 - 000000000 ____D C:\Program Files (x86)\LightBulb
2024-05-30 21:28 - 2022-05-07 09:39 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 21:01 - 2022-05-07 09:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 21:01 - 2022-05-07 09:39 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-30 21:01 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-05-30 21:01 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-05-24 09:39 - 2023-08-17 17:25 - 000000000 ____D C:\ProgramData\Package Cache
==================== Fichiers à la racine de certains dossiers ========
2023-09-02 10:15 - 2024-06-19 21:02 - 003364512 _____ (Nicolas Coolman) C:\Users\Yvon\ZHPCleaner.exe
2024-06-07 18:23 - 2024-06-07 18:23 - 000001670 _____ () C:\Users\Yvon\AppData\Local\recently-used.xbel
2023-12-28 18:38 - 2023-12-28 18:38 - 000007605 _____ () C:\Users\Yvon\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Yvon (administrateur) sur PC-YVON (Intel Corporation Jasper Lake Client Platform) (23-06-2024 14:42:45)
Exécuté depuis C:\Users\Yvon\Desktop\FRST64.exe
Profils chargés: Yvon
Plate-forme: Microsoft Windows 11 Professionnel Version 23H2 22631.3737 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\RocketDock\RocketDock.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxEMN.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\Ditto\Ditto.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files (x86)\RocketDock\RocketDock.exe
(explorer.exe ->) () [Fichier non signé] C:\Program Files\UltiMaker Cura 5.6.0\UltiMaker-Cura.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.12008.0_x64__8wekyb3d8bbwe\Photos.exe
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2405.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Simnet Bilgisayar Yazılım Hiz. San. ve Tic. Ltd. Şti. -> Simnet Ltd.) C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe
(explorer.exe ->) (Tyrrrz) [Fichier non signé] C:\Program Files (x86)\LightBulb\LightBulb.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_bd81469b51147524\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_47d3698a1c94c55a\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d8bdffa26077ee9a\IntelCpHDCPSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN project) C:\Program Files\OpenVPN\bin\openvpnserv2.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.20.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
Impossible d'accéder au processus -> vmmemCmZygote
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 1
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 1
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [LightBulb] => C:\Program Files (x86)\LightBulb\LightBulb.exe [147456 2024-06-07] (Tyrrrz) [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [Ditto] => C:\Program Files (x86)\Ditto\Ditto.exe [4604928 2023-04-15] () [Fichier non signé]
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simnet\Simple Sticky Notes\ssn.exe [850048 2024-03-24] (Simnet Bilgisayar Yazılım Hiz. San. ve Tic. Ltd. Şti. -> Simnet Ltd.)
HKU\S-1-5-21-4134051112-3384048745-3267083007-1001\...\Run: [MicrosoftEdgeAutoLaunch_1597D6168F201E1468D5C31BFFA62235] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-06-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon TS6300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDFQ.DLL [526848 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP3600 series: CNMLM99.DLL (Pas de fichier)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6300 series: C:\WINDOWS\system32\CNMLMFQ.DLL [956928 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [292592 2023-12-27] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /f /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\126.0.6478.114\Installer\chrmstp.exe [2024-06-21] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2673FC81-8901-414F-B794-7284DBD595EC} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {53964B93-CFE0-4CFC-A77B-7694025531AB} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {6EA6A613-D690-4F5E-B369-576B69930727} - \update-sys -> Pas de fichier <==== ATTENTION
Task: {B71955AC-3993-43F0-BF22-BBFBE66C6C94} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5472312 2024-06-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5F50C659-A728-4C86-B04F-88452C2AD022} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{03DBDC47-29FE-4385-8F02-FCF26C5EE4F4} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {CD588E78-DAA9-4908-A83B-B1B2B063B02B} - System32\Tasks\GoogleSystem\GoogleUpdater\UIAutomsg => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58856 2022-05-07] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\AlertCamera\SjnforSiruct\C:\ProgramData\AlertCamera\SjnforSiruct\AcGlRUpd4Szfn.dll /u
Task: {A7F8327B-0BF7-4C53-967F-9D04DC591B91} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BB96594-A8B7-4EB8-BAB5-D60B8BF59B5C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6AB8554-FD92-4BCA-A71A-29BB1A7D9600} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {79F021F7-34C4-4AC9-B634-8381D6A31CA1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {A390375D-C341-4D4B-B284-34FA5D43C72A} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {F80E7CA6-E910-4A74-A907-A3898E4CD4CE} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-24] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {78431258-D667-4F93-A8C8-491FC30838EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B5A447B-54F9-4B9D-AB9E-C111ED5A20FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {076C1A15-3DE1-4315-93E9-37D7F8239262} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B248F3ED-851E-42D2-BF60-E4FF862AD56A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34888 2024-06-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {05466B87-CC6D-47C9-A849-E3656841A5A8} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {324B5D33-1E1E-495D-BCD1-1C6048AFB58F} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {77AED174-436B-41F5-92FA-F18DF3B6534A} - System32\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-4134051112-3384048745-3267083007-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{201201ff-df6f-4581-8b8c-f119ba8bf0a9}: [DhcpNameServer] 192.168.248.2
Tcpip\..\Interfaces\{c67dead8-989d-4ad1-bbe5-429414edc9e5}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{fe84ebbe-fd7a-423e-bc70-1b4b22672e00}: [NameServer] 1.1.1.2,1.0.0.2
Tcpip\..\Interfaces\{fe84ebbe-fd7a-423e-bc70-1b4b22672e00}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Profile: C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Yvon\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-24]
FireFox:
========
FF DefaultProfile: yvuc2nvc.default
FF ProfilePath: C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\yvuc2nvc.default [2024-06-23]
FF ProfilePath: C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 [2024-06-23]
FF DownloadDir: C:\Users\Yvon\Desktop
FF Notifications: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> hxxps://fr1.forgeofempires.com; hxxps://calendar.proton.me
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Disabled: michal.simonfy@gmail.com
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: uBlock0@raymondhill.net
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: @contain-amzn
FF NewTabOverride: Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810 -> Enabled: @contain-facebook
FF Extension: (Proton Pass: Free Password Manager) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\78272b6fa58f4a1abaac99321d503a20@proton.me.xpi [2024-06-01]
FF Extension: (Amazon Container) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@contain-amzn.xpi [2023-10-15]
FF Extension: (Facebook Container) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@contain-facebook.xpi [2023-10-15]
FF Extension: (Emoji Keyboard - Emojis For Firefox) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\@emojikeyboard.xpi [2024-04-26]
FF Extension: (SimpleLogin:Receive & Send emails anonymously) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\addon@simplelogin.xpi [2024-05-10]
FF Extension: (EuroSaver - Amazon Product Price Comparison) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\amazineurope@founderedeveloper.com.xpi [2024-06-21]
FF Extension: (Dictionnaire français) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2023-10-15]
FF Extension: (Le Camelizer) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\izer@camelcamelcamel.com.xpi [2023-10-15]
FF Extension: (Notifier for Gmail™) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2024-03-06]
FF Extension: (I don't care about cookies) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-12-07]
FF Extension: (Privacy Badger) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2024-06-19]
FF Extension: (Language: Français (French)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\langpack-fr@firefox.mozilla.org.xpi [2024-06-19]
FF Extension: (Correcteur d’orthographe — LanguageTool) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\languagetool-webextension@languagetool.org.xpi [2024-06-11]
FF Extension: (Bypass Paywalls Clean (c)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\magnolia_limited_permissions@12.34.xpi [2024-04-01] [UpdateUrl:hxxps://gitlab.com/magnolia1234/bypass-paywalls-firefox-clean/-/raw/master/updates_custom.json]
FF Extension: (Material Freebox OS) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\material-freebox-os@s-quent.in.xpi [2024-04-26]
FF Extension: (Speed Dial 2 New tab) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\michal.simonfy@gmail.com.xpi [2024-05-24]
FF Extension: (Pas de nom) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\support@shoptimate.com.xpi [2023-12-23]
FF Extension: (GMX.com MailCheck) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\toolbar@gmx.com.xpi [2024-04-18]
FF Extension: (uBlock Origin) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\uBlock0@raymondhill.net.xpi [2024-05-23]
FF Extension: (Zimbra Mail Notifier) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\zimbra_mail_notifier@davidguehennec.com.xpi [2023-10-15]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2024-03-11]
FF Extension: (FoE - Assistant) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2024-06-19]
FF Extension: (Dealabs | Économisez sur vos achats) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{188e9a6d-0e71-49ad-b1f2-0b78519512e0}.xpi [2024-05-24]
FF Extension: (Blue Mozilla Firefox) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2023-10-15]
FF Extension: (Timer) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{457040a2-afa9-457c-8a13-609c2327023a}.xpi [2024-04-26]
FF Extension: (ChatGPT for Google) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{4b726fbc-aba9-4fa7-97fd-a42c2511ddf7}.xpi [2023-10-15]
FF Extension: (Z-Library Finder) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{4eabbd44-bfa2-4b3d-806a-56804853b16d}.xpi [2023-12-28] [UpdateUrl:hxxps://zlibrary-global.se/soft/mozilla_addon_updates.json]
FF Extension: (ProtonMail (unofficial)) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{a7034f44-2fa8-4544-bc40-58c3556f4361}.xpi [2023-10-15]
FF Extension: (Firefox B) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{ac40163c-8804-4dad-90fc-e25ebd6e9a57}.xpi [2023-10-15]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Yvon\AppData\Roaming\Mozilla\Firefox\Profiles\hy3vovsf.default-release-1697376308810\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2023-10-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default [2024-06-23]
CHR StartupUrls: Default -> "hxxps://www.qwant.com/","hxxps://zimbra.free.fr/zimbra/mail"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-chrome-sb
CHR DefaultSearchKeyword: Default -> www.qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Mobility Print) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\alhngdkjgnedakdlnamimgfihgkmenbh [2024-05-13]
CHR Extension: (PagesJaunes) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2023-08-23]
CHR Extension: (uBlock Origin) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-05-13]
CHR Extension: (Smart HTTPS) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmleijjdpceldbelpnpkddofmcmcaknm [2024-05-13]
CHR Extension: (I don't care about cookies) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-12-28]
CHR Extension: (Iridium for YouTube) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbjmgndncjkjfcnpfhgidhbgokofegbl [2023-08-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-23]
CHR Extension: (Qwant) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2023-08-23]
CHR Extension: (Emoji Copy Paste) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kakenlcjjabkimffanalanbhoejkbdmf [2023-08-23]
CHR Extension: (Zimbra Mail Notifier) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kglapfficgodpkmenjfpfcignofghanc [2023-08-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-08-23]
CHR Extension: (Bitwarden - Gestion des mots de passe) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-12-28]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Yvon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2023-12-28]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.3.3\ABService.exe [1102320 2023-10-30] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012384 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [446328 2023-09-13] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24504 2023-06-13] (OpenVPN Inc. -> The OpenVPN project)
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [63776 2023-06-13] (OpenVPN Inc. -> The OpenVPN Project)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcxHdAudio; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [561152 2024-05-30] (Microsoft Windows -> Microsoft Corporation)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2023-11-19] (AOMEI International Network Limited -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2023-11-19] (AOMEI International Network Limited -> )
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [84640 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [218608 2024-05-30] (Microsoft Windows -> Microsoft Corporation)
R3 iaLPSS2_GPIO2_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_jsl.inf_amd64_a5b7c5fa27b1440d\iaLPSS2_GPIO2_JSL.sys [139904 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_jsl.inf_amd64_e880eca46d102096\iaLPSS2_I2C_JSL.sys [201880 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_SPI_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_spi_jsl.inf_amd64_e944e2267994f164\iaLPSS2_SPI_JSL.sys [160392 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_JSL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_jsl.inf_amd64_b22fda5f91bd75ed\iaLPSS2_UART2_JSL.sys [316576 2021-08-13] (Intel Corporation -> Intel Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [91560 2023-03-31] (WDKTestCert lev,132435948852968539 -> OpenVPN, Inc)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [40448 2023-08-17] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [94208 2024-02-03] (Microsoft Windows -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2023-08-17] (WireGuard LLC -> WireGuard LLC)
S3 MpKsl92df1e60; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C3C30629-737C-49AE-BEF2-D6DE720C914A}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-23 14:42 - 2024-06-23 14:43 - 000029060 _____ C:\Users\Yvon\Desktop\FRST.txt
2024-06-23 14:42 - 2024-06-23 09:50 - 002395648 _____ (Farbar) C:\Users\Yvon\Desktop\FRST64.exe
2024-06-23 13:18 - 2024-06-23 13:18 - 003015529 _____ C:\Users\Yvon\Desktop\Dos bleu foncé.gcode
2024-06-23 12:05 - 2024-06-23 12:05 - 000294175 _____ C:\Users\Yvon\Desktop\Iris.gcode
2024-06-23 11:44 - 2024-06-23 09:50 - 002395648 _____ (Farbar) C:\Users\Yvon\Downloads\FRST64.exe
2024-06-23 11:20 - 2024-06-23 11:20 - 000771570 _____ C:\WINDOWS\system32\perfh00C.dat
2024-06-23 11:20 - 2024-06-23 11:20 - 000148698 _____ C:\WINDOWS\system32\perfc00C.dat
2024-06-23 11:19 - 2024-06-23 11:19 - 000061962 _____ C:\Users\Yvon\Documents\Config FoE Helper.zip
2024-06-23 09:32 - 2024-06-23 09:25 - 000416545 _____ C:\Users\Yvon\Desktop\Pièces Stitch.jpeg
2024-06-22 09:48 - 2024-06-23 09:31 - 000000000 ____D C:\Users\Yvon\Desktop\stitch multipart
2024-06-21 20:08 - 2024-06-21 15:16 - 000001282 _____ C:\Users\Yvon\Downloads\ESET Online Scanner.lnk
2024-06-20 09:56 - 2024-06-20 09:56 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-06-20 09:56 - 2024-06-20 09:56 - 000000000 ____D C:\ProgramData\Avast Software
2024-06-20 09:54 - 2024-06-21 15:14 - 000000000 ____D C:\ProgramData\F-Secure
2024-06-20 09:53 - 2024-06-21 20:07 - 000000000 ____D C:\Users\Yvon\AppData\Local\FSDART
2024-06-20 09:53 - 2024-06-20 09:53 - 000000000 ____D C:\Users\Yvon\AppData\Local\F-Secure
2024-06-20 08:58 - 2024-06-19 22:13 - 002591712 _____ (Malwarebytes) C:\Users\Yvon\Downloads\MBSetup.exe
2024-06-19 21:34 - 2024-06-23 14:43 - 000000000 ____D C:\FRST
2024-06-19 21:04 - 2024-06-19 23:00 - 000000000 ____D C:\Program Files\Malwarebytes
2024-06-19 21:00 - 2024-06-19 21:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-06-19 20:44 - 2024-06-19 21:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-06-15 16:47 - 2024-06-15 16:47 - 000000000 ____D C:\WINDOWS\Panther
2024-06-15 16:42 - 2024-06-15 16:47 - 000000000 ___HD C:\$WinREAgent
2024-06-11 21:03 - 2024-06-11 21:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Manuel Canon TS6300 series
2024-06-11 21:01 - 2024-06-11 21:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-06-11 21:01 - 2024-06-11 21:01 - 000000000 ____D C:\ProgramData\Canon
2024-06-11 20:51 - 2024-06-11 20:51 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\VS Revo Group
2024-06-11 20:47 - 2024-06-11 20:47 - 000000000 ____D C:\Program Files\Canon
2024-06-09 14:59 - 2024-06-09 15:13 - 000000000 ___HD C:\ProgramData\Eng
2024-06-09 14:30 - 2024-06-21 16:38 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\hfad
2024-06-09 14:30 - 2024-06-09 14:30 - 000000000 ____D C:\Users\Yvon\AppData\Local\Qny_Lx_Valid_alpha_88
2024-06-08 14:13 - 2024-06-08 18:08 - 000000000 ____D C:\Program Files (x86)\G-Lock Software
2024-06-08 11:06 - 2024-06-08 11:06 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\easy_photoprint_editor
2024-06-07 18:23 - 2024-06-07 18:23 - 000001670 _____ C:\Users\Yvon\AppData\Local\recently-used.xbel
2024-06-07 17:46 - 2024-06-07 17:47 - 000000000 ___HD C:\ProgramData\CanonIJScan
2024-06-01 18:01 - 2024-06-01 18:01 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-30 20:53 - 2024-05-30 20:53 - 000024821 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-05-30 20:50 - 2024-05-30 20:50 - 000024821 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-05-26 10:35 - 2024-06-11 20:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\WaterfoxLimited
2024-05-26 10:35 - 2024-05-26 10:35 - 000001996 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox Private Browsing.lnk
2024-05-26 10:35 - 2024-05-26 10:35 - 000000000 ____D C:\ProgramData\Waterfox-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-24 09:51 - 2024-05-24 09:51 - 000000000 ____D C:\Program Files\Epic Games
2024-05-24 09:40 - 2024-05-24 09:40 - 000000000 ____D C:\Users\Yvon\AppData\Local\NVIDIA Corporation
2024-05-24 09:37 - 2024-05-24 10:44 - 000000000 ____D C:\Users\Yvon\AppData\Local\EpicGamesLauncher
2024-05-24 09:37 - 2024-05-24 09:37 - 000000000 ____D C:\Users\Yvon\AppData\Local\UnrealEngineLauncher
2024-05-24 09:37 - 2024-05-24 09:37 - 000000000 ____D C:\Users\Yvon\AppData\Local\UnrealEngine
2024-05-24 09:35 - 2024-05-24 11:25 - 000000000 ____D C:\ProgramData\Epic
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-06-23 13:21 - 2023-10-13 13:51 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Excel
2024-06-23 13:21 - 2023-08-18 13:43 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Word
2024-06-23 13:00 - 2023-08-17 14:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-06-23 12:59 - 2023-08-17 16:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-23 12:55 - 2023-08-17 16:24 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-23 11:59 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-23 11:23 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-06-23 11:20 - 2023-11-19 17:39 - 001713458 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-06-23 11:20 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-06-23 11:14 - 2023-08-20 13:56 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Ditto
2024-06-23 11:13 - 2023-11-19 17:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-06-23 11:13 - 2023-11-19 17:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-06-23 11:13 - 2023-11-04 09:22 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2024-06-23 11:13 - 2023-08-16 00:56 - 000000000 ____D C:\Intel
2024-06-23 11:13 - 2023-08-16 00:55 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-23 11:13 - 2023-08-15 16:05 - 000000000 __SHD C:\Users\Yvon\IntelGraphicsProfiles
2024-06-23 11:13 - 2023-07-22 17:38 - 000000520 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2024-06-23 11:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-06-23 11:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Registration
2024-06-23 11:12 - 2022-05-07 07:17 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2024-06-23 10:43 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-06-22 22:37 - 2024-03-15 12:47 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\vlc
2024-06-22 16:18 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-22 16:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-06-22 12:59 - 2024-01-03 12:22 - 000000000 ____D C:\Users\Yvon\Documents\Simple Sticky Notes
2024-06-22 09:49 - 2023-08-17 10:22 - 000000000 ___RD C:\Users\Yvon\Desktop\Cura
2024-06-22 09:38 - 2023-09-02 10:40 - 000000000 ____D C:\Users\Yvon\AppData\Local\ElevatedDiagnostics
2024-06-22 07:57 - 2023-08-18 00:05 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-21 16:10 - 2023-08-23 15:41 - 000000000 ____D C:\ProgramData\regid.1993-06.com.microsoft
2024-06-21 15:16 - 2023-08-23 21:20 - 000001388 _____ C:\Users\Yvon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-06-20 11:54 - 2023-11-19 17:35 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-06-20 09:43 - 2023-08-17 18:15 - 000000000 ____D C:\Users\Yvon\AppData\Local\CrashDumps
2024-06-19 22:59 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-06-19 21:08 - 2023-11-19 17:20 - 000000000 ____D C:\Users\Yvon
2024-06-19 21:08 - 2023-08-17 14:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-06-19 21:06 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-06-19 21:03 - 2023-08-23 16:04 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\ZHP
2024-06-19 21:02 - 2023-09-02 10:15 - 003364512 _____ (Nicolas Coolman) C:\Users\Yvon\ZHPCleaner.exe
2024-06-19 21:00 - 2023-08-17 14:26 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-06-19 20:54 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-16 11:22 - 2023-11-12 15:53 - 000000000 ____D C:\ProgramData\AomeiBR
2024-06-16 11:22 - 2023-11-04 09:21 - 000001024 ____H C:\SYSTAG.BIN
2024-06-16 09:55 - 2023-08-18 13:36 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-15 17:21 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-15 17:07 - 2023-08-17 14:18 - 000000000 ____D C:\Users\Yvon\AppData\Local\Packages
2024-06-15 17:05 - 2023-11-19 17:35 - 000472368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-06-15 17:05 - 2023-08-17 14:07 - 000000000 ____D C:\ProgramData\Realtek
2024-06-15 17:04 - 2023-10-01 08:55 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-06-15 17:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-06-15 16:52 - 2023-11-19 17:36 - 003216384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-06-14 17:32 - 2023-08-26 18:41 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\DeepL_SE
2024-06-12 22:14 - 2023-08-18 13:43 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Microsoft\Office
2024-06-12 12:20 - 2023-08-17 14:20 - 000000000 ____D C:\Users\Yvon\AppData\Local\D3DSCache
2024-06-12 10:41 - 2023-12-23 19:27 - 000000000 ____D C:\Users\Yvon\Downloads\APK
2024-06-11 21:26 - 2023-08-17 17:11 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Canon
2024-06-11 21:25 - 2023-08-17 14:20 - 000000000 ____D C:\Users\Yvon\AppData\Local\PlaceholderTileLogoFolder
2024-06-11 21:25 - 2023-08-17 14:18 - 000000000 ____D C:\ProgramData\Packages
2024-06-11 21:22 - 2023-08-16 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2024-06-11 21:21 - 2023-08-17 16:56 - 000000000 ____D C:\Program Files (x86)\Canon
2024-06-11 21:21 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Media
2024-06-11 20:52 - 2023-11-19 17:38 - 000003754 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{93419C37-685F-4A8F-B9C3-72752718AA39}
2024-06-11 20:52 - 2023-11-19 17:38 - 000003530 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{1139CD74-DAE0-4A49-A35A-87A1CFB7A2B1}
2024-06-11 09:45 - 2023-08-16 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2024-06-08 18:01 - 2023-11-30 16:07 - 000000000 ____D C:\WINDOWS\Minidump
2024-06-08 10:07 - 2023-08-28 14:13 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-06-08 10:05 - 2024-02-28 12:15 - 000000000 ____D C:\Users\Yvon\AppData\Local\Proton
2024-06-07 18:25 - 2023-08-29 18:45 - 000000000 ____D C:\Users\Yvon\AppData\Local\babl-0.1
2024-06-07 18:23 - 2023-08-29 18:56 - 000000000 ____D C:\Users\Yvon\AppData\Local\gtk-2.0
2024-06-05 17:52 - 2023-08-17 16:55 - 000000000 ___HD C:\Program Files\CanonBJ
2024-06-05 09:36 - 2023-08-17 14:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-04 17:13 - 2023-08-17 18:41 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Autodesk
2024-06-02 17:52 - 2023-08-17 18:46 - 000000000 ____D C:\Users\Yvon\AppData\Roaming\Fusion360
2024-06-02 17:51 - 2023-08-17 14:24 - 000000000 ____D C:\Users\Yvon\AppData\Local\Autodesk
2024-05-30 21:37 - 2024-04-15 14:38 - 000000000 ____D C:\Program Files (x86)\LightBulb
2024-05-30 21:28 - 2022-05-07 09:39 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-30 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-05-30 21:01 - 2022-05-07 09:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-05-30 21:01 - 2022-05-07 09:39 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-05-30 21:01 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-05-30 21:01 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-05-24 09:39 - 2023-08-17 17:25 - 000000000 ____D C:\ProgramData\Package Cache
==================== Fichiers à la racine de certains dossiers ========
2023-09-02 10:15 - 2024-06-19 21:02 - 003364512 _____ (Nicolas Coolman) C:\Users\Yvon\ZHPCleaner.exe
2024-06-07 18:23 - 2024-06-07 18:23 - 000001670 _____ () C:\Users\Yvon\AppData\Local\recently-used.xbel
2023-12-28 18:38 - 2023-12-28 18:38 - 000007605 _____ () C:\Users\Yvon\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================